Merge pull request #2899 from theupdateframework/dependabot/pip/depen… #2069

	name: "CodeQL Analysis"

	on:
	push:
	branches: [ develop ]
	pull_request:
	branches: [ develop ]
	schedule:
	- cron: '30 0 * * 2'
	workflow_dispatch:

	permissions: {}

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	# NOTE: If you add security critical permissions, start pinning used actions
	actions: read
	contents: read
	security-events: write # for uploading to code-scanning dashboard

	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	persist-credentials: false

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v4 # zizmor: ignore[unpinned-uses]
	with:
	languages: 'python'

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v4 # zizmor: ignore[unpinned-uses]

Provide feedback